Raz-Lee Security, a leading supplier of information security solutions for IBM Power i servers (iSeries/AS/400), has enhanced iSecurity AP-Journal with an Eclipse-based GUI environment. This makes Application Security easier than ever to implement and use.

AP-Journal keeps managers closely informed of all changes in their valuable information assets and streamlines IBM i journaling procedures. AP-Journal’s standard features include: 

• Addressing PCI, SOX, HIPAA, etc. requirements for closely monitoring and raising alerts when application data changes
• Long-term storage of sensitive business information, independent of journal receiver lifecycle to adhere to storage limits
• Output as e-mailed CSV, HTML, PDF attachments, Outfile, Print or within GUI
• READ operations selectively added to OS/400 Journal Receivers, complying with PCI requirements for accessing sensitive data
• Timeline & cross-application reports based upon user-defined business items
• Real time Syslog, SNMP and Twitter alerts, in addition to alerts sent as e-mails, SMS messages, operator messages, etc.
• “Mass” uploading of data base update information directly to SIEM systems via Syslog without I/O overhead of writing to disk

The new GUI support in AP-Journal includes:

• Defining applications, including:
  • Journaled files
  • Business items which are common fields appearing in multiple files
  • Filtering rules for long term retention of selected data fields
  • Defining alerts based upon pre-determined field-level thresholds and activities
• Reporting on application changes, including “before” and “after” data images based on:
  • OS/400 journal receivers
  • Special purpose journal containers which contain long term, application-specific information
• Using the unique business intelligence interface, Visualizer, to:
  • View summary data based on any application or journal header field
  • Isolate the desired population instantaneously
  • Accessing the detailed data corresponding to the desired population

“Our AP-Journal product has proved to be an ongoing success, and has been selling successfully worldwide for several years,” said Eli Spitz, VP Business Development, Raz-Lee Security. “In fact, AP-Journal’s success was instrumental in bringing about the recent press focus on IBM i Application Security, in addition to “traditional” infrastructure security aspects like network access, QAUDJRN monitoring and reporting, and user profile auditing”.

Cont.

AP-Journal had a significant impact at Toyota Boshoku America which attained JSOX compliance by providing reports on changes in application files. Another especially interesting implementation of AP-Journal was at Promedico which included

• Preventing undue blockage of customer orders on account of credit limitations
• Checking the validity of updates to pharmaceutical product’s expiration dates

Accelerating the supply process

Join our select team of experts and discover the lucrative Power i (iSeries/AS/400) market. Distribute Raz-Lee’s advanced security software products around the world.

In addition to marketing and supporting Raz-Lee’s products, our partners provide profitable professional services and projects, such as security software implementation, configuration and assessments, all based around our field-proven products.

We provide our partners with solid support, technical training, regular updates and a wide array of marketing and sales tools.

For more information contact marketing@razlee.com

  The Banco di Sardegna, a major Italian bank, deployed the following iSecurity Power i Security products from Raz-Lee Security:

• User & Password Management
• Firewall
• System Control
• Screen
• Visualizer
• Action
• Audit
• Assessment

Click here to view the case study
Click here for more information on Raz-Lee & iSecurity
Email Raz-Lee at marketing@razlee.com

Raz-Lee Security has launched an innovative educational venture, in order to help Italian enterprises understand and implement the new amendments to the Italian Privacy Code 196/2003, concerning System Administrators’ role in company’s data security.

The new legislation specifies procedures for data protection, including technical and administrative measures which companies are required to implement. It holds IT departments directly responsible for user access and actions relating to companies’ information systems. Obviously, this has significant implications on System i Security as well. The legislation is expected to come into effect on June 30th 2009, after being publicized on 14 January 2009, followed by subsequent delays in its enforcement.

In the framework of the new venture, Raz-Lee has been holding free seminars explaining the requirements of the new legislation and how to implement it on System i. The sessions are conducted by Raz-Lee System i Security experts residing in Italy, who also provide ongoing technical support to Raz-Lee’s Italian customers. The meetings are conducted in intimate forums, with up to seven companies attending, in order to enable effective interactive discussions.

So far, Raz-Lee has held over 30 Round Table meetings across Italy, from Milan and Como to Naples and Sicily. Following the success and enthusiastic feedback from attending companies, Raz-Lee will continue to host such meetings. The meetings are attended by IT staff as well as top management of Italian companies.

The Round Table meetings cover the following topics:

- Security Assessment of System i
- Access monitoring & Control (FTP, ODBC, SQL)
- System auditing
- Centralized Management
- Reporting

“We are glad to be contributing tangible value to Italian enterprises in the area of our expertise, System i Security,” said Nicola Fusco, South Europe Area Manager, Raz-Lee Security. “We have a large, long-standing installed base in Italy, and it has widened further since we began this exceptional tour.”

For more information on Round Table meetings in Italy, email info.southeurope@razlee.com

Written by Shari Masafy, MarCom Manager at Raz-Lee Security
Email Shari Masafy at marketing@razlee.com

Delta Galil, a worldwide manufacturer and provider of fashion & basic apparel, has selected iSecurity to protect their System i/AS400  environment.

And here’s what they have to say about iSecurity: “iSecurity offers us a full response to our needs as a public company committed to organized procedures – follow-up on all user access and activity,” said Ashraf Shofani, System i Manager, Delta Galil. “Furthermore, we became acquainted with the system in one day, configured it in a single session, and since then it has run automatically.”

As a public company, Delta Galil (TLV: DELT) is obligated to ensure transparency and close control of its information systems and System i environment. Accordingly, they monitor network access, perform system auditing using Firewall and Audit products, and submit user access reports.

After examining several products on the market, Delta decided on iSecurity solution, due to its ability to produce reports which are fully customized to the company’s requirements. Delta was particularly impressed with iSecurity’s easy deployment and user interface, facilitating the corporate System i security experience.

Delta’s iSecurity solution includes:
- Firewall – secures every type of network access to and from the System i.
- Password – integrates all OS/400 password management capabilities, blocking non-secure passwords.
- Screen – protects unattended terminal screens.
- Audit – reports on user activities and object access in real-time, including multi-system environments.
- Action – invokes corrective and reporting procedures for detected security breaches in other iSecurity modules, and sends emails, SMS and SYSLOG messages.
User Profile Manager – presents comprehensive information on user profiles
AP-Journal Regulation Compliance - reports on changes in application databases.

Using Firewall, the Delta team monitors all access – both internal and external – to the system, and when anyone commits a breach, the System i manager immediately gets an alert. Using Audit, the manager gets reports on the use of specific software on which Delta is obligated to report. The manager is notified whenever someone attempts to access a file or library which is blocked.

Written by Shari Masafy, MarCom Manager at Raz-Lee Security
Email Shari Masafy at marketing@razlee.com